Wilkens: Why cybersecurity and cargo crime are no longer separate problems

For years, cargo theft and cybersecurity have been discussed as two distinct risks. One belonged to the yard, the trailer, and the truck stop. The other lived in email inboxes, IT systems, and compliance checklists. That separation no longer reflects reality.

Today’s cargo crime is increasingly cyber-enabled, and many of the most damaging thefts don’t start with a cut seal or a stolen tractor. They start with a compromised login, a socially engineered dispatcher, or a hijacked digital identity. Treating cargo crime and cybersecurity as separate problems is not only outdated; it actively increases risk.

The transportation sector now faces a single, converged threat: criminal activity that blends cyber, operational, and physical tactics into a coordinated attack. When people think about cargo theft, they often picture the physical moment of loss—a trailer disappearing from a drop yard or a truck diverted from its route. In many modern cases, however, the theft was already decided days or even weeks earlier.

Criminal groups increasingly gain access by exploiting the same weaknesses used in traditional cybercrime. Phishing emails harvest credentials. Impersonation calls convince employees to share sensitive details. Compromised accounts provide access to transportation management systems, load boards, and telematics portals. Once inside, criminals can map freight networks, identify high-value shipments, and manipulate records with little resistance.

By the time a driver arrives to pick up a load, the system already believes the thief is legitimate. This is why cargo theft prevention can no longer rely solely on locks, fences, or tracking devices. The “front door” is digital, and it is often held open by stolen credentials or abused trust. Across both cyber incidents and cargo theft cases, social engineering remains the most reliable entry point. Attackers don’t need zero-day exploits when they can convince someone to click a link, reset a password, or “just help get the load moving.”

What has changed is the sophistication of these attacks. Artificial intelligence (AI) has made phishing emails more convincing and voice impersonation more accessible. Deepfakes impersonating executives, brokers, or IT staff are no longer theoretical. They are already being used to bypass verification steps in high-tempo operational environments.

For fleets, the consequences are operational, not abstract. Fraudulent changes to dispatch instructions. Fake bills of lading. Unauthorized pickups. Payments rerouted before anyone realizes something is wrong. These are not IT failures. They are business disruptions driven by trust and often end with good people being manipulated into doing the wrong thing for the right reasons.

One of the most important shifts in cargo crime is the rise of identity-based attacks. Criminals now routinely steal or fabricate carrier and broker identities to gain legitimacy within freight ecosystems. Fraudulent Federal Motor Carrier Safety Administration (FMCSA) registrations, compromised load board accounts, and impersonated carrier profiles allow criminals to operate in plain sight. Once an identity is trusted, it can be used to book loads, access shipment data, and coordinate physical theft without ever breaching a perimeter fence.

In this environment, digital identity controls matter as much as physical access controls. Strong authentication, least-privilege access, increased vetting, and role-based permissions are no longer "cyber best practices." They are cargo theft prevention measures. Telematics, fleet management platforms, and connected vehicle technologies have delivered enormous operational benefits. They have also expanded the attack surface available to criminals. When telematics systems are poorly secured or broadly accessible, they can be abused to track, reroute, or conceal stolen shipments. In some cases, compromised technology provides real-time intelligence that enables theft with precision rather than opportunity.

One of the clearest lessons from recent cargo crime trends is that siloed security strategies no longer work. Cybersecurity teams may focus on ransomware and data theft, while operations teams focus on theft prevention and safety. Criminals, meanwhile, exploit the gaps between those silos.

Effective defense requires acknowledging the overlap of cybersecurity, operational security, and physical security. Controls in one area often reinforce the others. Multifactor authentication (MFA) doesn’t just protect email accounts;it reduces the risk of fraudulent pickups. Role-based access doesn’t just protect systems; it limits the blast radius of insider threats or compromised credentials.

The goal is not to turn fleets into cybersecurity experts; rather, to align security controls with how freight is actually moved.